Privacy: In the cloud and at home
18. May 2010
Privacy topics are surrounding everybody these days. It is not really the question if you have something to hide but rather if you want the whole world to know about it. And even more important, do you want that the whole world will still be able to find out in 20 years. The internet doesn’t forget.
Don’t make it too easy
While you can read everywhere that you should disable JavaScript and use tor both isn’t very useful in your everyday life yet. But there are some things that you can do and that make it at least more difficult to track your internet activity:
- Save cookies only “for this session”
- Disable flash cookies
- Avoid putting too much stuff into areas where you cannot control them (mail, social network, etc.)
Let me explain this a bit more. Everybody is using cookies to track you. Google does, facebook does, all advertisement companies do. By deleting cookies when you quit the browser there is a good chance that they won’t be able to recognize you next time[1]. You might want to make some exceptions here for convenience. For example, I allow cookies from bugzilla.gnome.org because I trust this site. But don’t do it for popular sites like Google (or GMail, Youtube). Google connects your gmail, search and youtube login so they have even more power tracking you.
Disabling flash cookies is not that easy but there are plenty of sites explaining how it works. If you have a html5-Browser you can probably avoid flash completely.
Let’s talk about the mail and social network thing. I know that GMail is highly popular and it is one of the best mail interfaces probably. Anyway, you should be sure that you really want this. It breaks down to two major problems:
- You are probably permanently logged into GMail! This way, every Google search you do is probably tagged with your real name as well as every YouTube video. And of course you might use the Google Calendar for your appointments. This is a quite big part of your life, yeah? Ever imagined this data in the wrong hands?
- Social networking can be fun. I also don’t think that there is a too big reason not to do it. But be careful what you want to show to the world. And keep in mind that the cookie that facebook (or any other social network) will place while you are logged in might be used by lots of partner sites. It is a bad idea to hang out on facebook the whole day – it also might demage your real life 😉
I use Google and GMail as an example here. Same is probably true for Hotmail/Bing or most services that are free (as in beer) .
In the end it might be cheaper to pay for some services that offer far better privacy. That isn’t really expensive, I am sure there are good mail providers out there and even if not, hosting a web/mail server (for you, your friends, your family) isn’t that expensive either. Just compare your mobile phone use to your mail use and how much money you spent on them.
Privacy in GNOME
I wonder that nobody brought that up already but in some parts we are going a dangerous road by making things more easy for the user. Tracker and especially Zeitgeist collect lots and lots of data that might be interesting for you, but also for your employer and maybe also for your jealous gril/boyfriend.
It is time to think about that before blindly using that technology. That implies some things we should do (some are already done):
- Add a “private mode” to GNOME where nothing is logged
- Make it easy to delete history/database entries as well as deleting the whole history
- Make sure that people are aware when their data is used (on the desktop or in the cloud). This becomes more important for things like a single (shared) account dialog between empathy and evolution that other applications might access using dbus.
- All the above should be available especially in environments where you don’t have control over the whole computer (e.g. no administrator rights, etc.)
Keep in mind that data is pretty worthless until it’s connected. Just my 2 cents…and next time I will tell you about the stunning new developments in Anjuta, promise 😉
[1] It’s not impossible: EFF browser fingerprint